Data Governance and Security Implementation Questions

Designing and applying technical and operational controls to protect data across storage, processing, and integration points. Topics include data classification and labeling to identify sensitive data, database and application level access controls such as role based access control and attribute based access control, encryption at rest and in transit, key management, tokenization and masking, secure handling of credentials and API keys, audit logging and immutable trails, retention and secure deletion policies, monitoring and alerting, and integration of these controls with privacy requirements and incident response processes. Candidates should be able to discuss concrete implementation patterns, trade offs, tooling choices, and testing and validation approaches.